Cyber criminals are flooding email inboxes with spam messages offering camera phone footage of the Virginia Tech shootings. The messages, however, are infected with malware that tries to steal banking passwords, user names and account numbers if activated. 

A link within the spam messages points viewers to a file entitled TERROR_EM_VIRGINIA.scr. If downloaded, the link installs a banking Trojan on the user’s computer system (identified as Mal/Packer by Sophos) .

“It is extremely disturbing that cyber criminals have so quickly jumped to exploiting this horrible tragedy. Unfortunately, it’s not that surprising,” said Ron O’Brien, senior security analyst with Sophos.

“We’ve seen similar behavior with other tragedies like Hurricane Katrina and the death of Pope John Paul II. Cyber criminals prey on the interest of concerned citizens hoping for the latest information on breaking news and, if history repeats itself, we’ll see this campaign continue until interest fades.”

Sophos advises Internet users to take extreme caution when downloading links from an unidentified source, and think carefully about the reliability of sources before downloading information.

This latest malware attack confirms something that we all already know; nothing is sacred, and nothing is out of bounds when it comes to cyber criminals coming up with sick new ways to deceive the general public.

Related:

Entry was posted on Thursday, April 19th, 2007 at 12:13 pm under Internet, Security.

Read more entries by John Pospisil.
Stumble It!